<?php
	session_start();
	if(!isset($_SESSION["jara_admin"])) {
		header("Location: ../login.php");
		exit;
	}
	if($_SESSION["jara_permissions"][0] == 0) {	
		header("Location: error.php");
		exit;
	}
	require_once("../include/templating_fns.php");
	require_once("../include/db_fns.php");
	jara_page_start("Edit Post - Administrator CP");
	$id = $_REQUEST["id"];
	if(isset($_REQUEST["edit_action"])) {
		try {
			$title = $_POST["title"];
			$text = $_POST["text"];
			$categoryid = $_POST["categoryid"];
			if(!get_magic_quotes_gpc()) {
				$title = addslashes($title);
				$text = addslashes($text);
			}
			$query = "update jara_posts set title = '$title', text = '$text', categoryid = '$categoryid', allowcomments = '0' where id = '$id'";
			if(isset($_POST["allowcomments"])) {
				$query = "update jara_posts set title = '$title', text = '$text', categoryid = '$categoryid', allowcomments = '1' where id = '$id'";
			}
			$result = jara_db_query($query);
			if($result == 0) {
				throw new JaraGeneralException("Couldn't edit the post $title.");
			}
			else {
				echo "<p>Edited post successfully.<br />";
				echo "<a href=\"../index.php\">View latest posts</a></p>";
				jara_page_end();
				exit;
			}
		}
		catch(JaraDatabaseException $ex) {
?>
	<p>
		A database error occured during the process of creating this page.
	</p>
	<p>
		Error type: <?php echo (($ex->getSqlStage() == 1) ? "MySQL connection error" : "MySQL query error"); ?><br />
		Error message: &quot;<?php echo $ex->getSqlMsg(); ?>&quot; [code <?php echo $ex->getSqlCode(); ?>]
	</p>
<?php
			jara_page_end();
			exit;
		}
		catch(JaraGeneralException $ex) {
?>
	<p>
		A general error occured during the process of creating this page.
	</p>
	<p>
		Error message: &quot;<?php echo $ex->getMessage(); ?>&quot;
	</p>
<?php
			jara_page_end();
			exit;
		}
		exit;
	}
	try {
?>
<form action="edit_post.php" method="post">
<p>
<input type="hidden" name="edit_action" id="edit_action" value="set" />
<input type="hidden" name="id" id="id" value="<?php echo $_REQUEST["id"]; ?>" />
<?php
	$result = jara_db_query("select * from jara_posts where id = '$id'");
	if($result->num_rows == 0) {
		throw new JaraGeneralException("The requested post does not exist.");
	}
	$row = $result->fetch_assoc();
?>
Post title: <input type="text" id="title" name="title" style="width: 500px" value="<?php echo $row["title"]; ?>" /><br />
Write your post:<br />
<textarea name="text" id="text" cols="60" rows="8"><?php echo $row["text"]; ?></textarea>
<script language="JavaScript" type="text/javascript" src="scripts/wysiwyg.js"></script>
<script language="JavaScript" type="text/javascript">WYSIWYG.attach('text');</script>
<br /><br />
<input type="checkbox" name="allowcomments" id="allowcomments" <?php if($row["allowcomments"] == 1) { ?> checked="checked" <?php } ?>/> Allow Comments<br />
Category: <select name="categoryid" id="categoryid"><?php $result = jara_db_query("select * from jara_categories"); for($i = 0; $i < $result->num_rows; $i++) { $crow = $result->fetch_assoc(); ?><option value="<?php echo $crow["categoryid"]; ?>"<?php if($row["categoryid"] == $crow["categoryid"]) { ?> selected="selected"<?php } ?>><?php echo $crow["title"]; ?></option><?php } ?></select><br />
<input type="submit" value="Save" />
</p>
</form>
<?php
	}
	catch(JaraDatabaseException $ex) {
?>
<p>
A database error occured during the process of creating this page.
</p>
<p>
Error type: <?php echo (($ex->getSqlStage() == 1) ? "MySQL connection error" : "MySQL query error"); ?><br />
Error message: &quot;<?php echo $ex->getSqlMsg(); ?>&quot; [code <?php echo $ex->getSqlCode(); ?>]
</p>
<?php
		jara_page_end();
		exit;
	}
	catch(JaraGeneralException $ex) {
?>
<p>
A general error occured during the process of creating this page.
</p>
<p>
Error message: &quot;<?php echo $ex->getMessage(); ?>&quot;
</p>
<?php
		jara_page_end();
		exit;
	}
	jara_page_end();
?>